{"title":"Samuel Henrique (samueloph)","subtitle":"My personal website","link":[{"@attributes":{"rel":"self","type":"application\/atom+xml","href":"https:\/\/samueloph.dev\/atom.xml"}},{"@attributes":{"rel":"alternate","type":"text\/html","href":"https:\/\/samueloph.dev"}}],"generator":"Zola","updated":"2026-04-02T00:00:00+00:00","id":"https:\/\/samueloph.dev\/atom.xml","entry":[{"title":"Bringing HTTP\/3 to curl on Amazon Linux","published":"2026-04-02T00:00:00+00:00","updated":"2026-04-02T00:00:00+00:00","author":{"name":"\n \n Unknown\n \n "},"link":{"@attributes":{"rel":"alternate","type":"text\/html","href":"https:\/\/samueloph.dev\/blog\/bringing-http3-to-curl-on-amazon-linux\/"}},"id":"https:\/\/samueloph.dev\/blog\/bringing-http3-to-curl-on-amazon-linux\/","content":" \"Screenshot\n

tl;dr<\/h4>\n

Starting with curl 8.17.0-1.amzn2023.0.2<\/strong> in Amazon Linux 2023, you can now use HTTP\/3.<\/p>\n

dnf<\/span> swap<\/span> -y<\/span> libcurl-minimal libcurl-full<\/span><\/span>\ndnf<\/span> swap<\/span> -y<\/span> curl-minimal curl-full<\/span><\/span>\ncurl<\/span> --http3-only<\/span> https:\/\/example.com<\/span><\/span><\/code><\/pre>\n
(HTTP\/3 is only enabled in the curl -full builds)<\/em><\/p>\n
Or, if you would like to try it out in a container:<\/p>\n
podman<\/span> run amazonlinux:2023 \/bin\/sh<\/span> -c<\/span> '<\/span>dnf upgrade -y --releasever=latest && dnf swap -y libcurl-minimal libcurl-full && dnf swap -y curl-minimal curl-full && curl --http3-only https:\/\/example.com<\/span>'<\/span><\/span><\/code><\/pre>\n
For a list of test endpoints, you can refer to\nhttps:\/\/bagder.github.io\/HTTP3-test\/<\/a><\/p>\n
The Upgrade I Didn't Have to Make<\/h1>\n
My teammate Steve Zarkos, who previously worked on upgrading OpenSSL in Amazon\nLinux from 3.0 to 3.2, spent the last few months on the complex task of bumping\nOpenSSL again, this time to 3.5. A bump like this only happens after extensive\ncode analysis and testing, something that I didn't foresee happening when\nAL2023 was released but that was a notable request from users.<\/p>\n
Having enabled HTTP\/3 on\nDebian<\/a>, I was\nalways keeping an eye on when I would get to do the same for Amazon Linux (mind\nyou, I work at AWS, in the Amazon Linux org). The bump to OpenSSL 3.5 was the\nperfect opportunity to do that, for the first time Amazon Linux is shipping an\nOpenSSL version that is supported by ngtcp2 for HTTP\/3 support.<\/p>\n
Non-Intrusive Change<\/h1>\n
In order to avoid any intrusive changes to existing users of AL2023, I've only\nenabled HTTP\/3 in the full build of curl, not in the minimal one, this means\nthere is no change for the minimal images.<\/p>\n
The way curl handles HTTP\/3 today also does not lead to any behavior changes\nfor those who have the full variants of curl installed, this is due to the fact\nthat HTTP\/3 is only used if the user explicitly asks for it with the flags\n--http3<\/code> or --http3-only<\/code>.<\/p>\n
Side Quests<\/h1>\n
Supporting HTTP\/3 on curl also requires building it with ngtcp2 and nghttp3,\ntwo packages which were not shipped in Amazon Linux, besides, my team doesn't\neven own the curl package, we are a security team so our packages are the\nsecurity related stuff such as OpenSSL and GnuTLS. Our main focus is the\nservices behind Amazon Linux's vulnerability handling, not package maintenance.<\/p>\n
I worked with the owners of the curl package and got approvals on a plan to\nintroduce the two new dependencies under their ownership and to enable the\nfeature on curl, I appreciate their responsiveness.<\/p>\n
Amazon Linux 2023 is forked from Fedora, so while introducing ngtcp2, I also\nsent a couple of Pull Requests upstream to keep things in sync:<\/p>\n
[ngtcp2] package latest release 1.21.0<\/a><\/p>\n
[ngtcp2] do not skip tests<\/a><\/p>\n
While building the curl package in Amazon Linux, I've noticed the build was\ntaking 1 hour from start to end, and the culprit was something well known to\nme; tests.<\/p>\n
The curl test suite is quite extensive, with more than 1600 tests, all of that\nrunning without parallelization, running two times for each build of the\npackage; once for the minimal build and again for the full build.<\/p>\n
I had previously enabled parallel tests in Debian back in 2024 but never got\naround to submit the same improvements to Amazon Linux or Fedora, this is now\nfixed. The build times for Amazon Linux came down to 10 minutes under the same\nhost (previously 1 hour), and Fedora promptly merged my PR to do the same\nthere:<\/p>\n
[curl] run tests in parallel<\/a><\/p>\n
All of this uncovered a test which is timing-dependent, meaning it's not\nsupposed to be run with high levels of parallelism, so there goes another PR,\nthis time to curl:<\/p>\n
Flag test 766 as timing-dependent#21155<\/a><\/p>\n
What started as enabling a single feature turned into improvements that landed\nin curl, Fedora, and Amazon Linux alike. I did this in a mix of work and\nvolunteer time, mostly during work hours (work email address used when this was\nthe case), but I'm glad I put in the extra time for the sake of improving curl\nfor everyone.<\/p>\n
Release Notes<\/h1>\n
Amazon Linux 2023 release notes for 2023.10.20260330<\/a><\/p>\n"},{"title":"Latest NVIDIA Drivers for Debian (Packaged with AI)","published":"2026-03-29T00:00:00+00:00","updated":"2026-03-29T00:00:00+00:00","author":{"name":"\n            \n              Unknown\n            \n          "},"link":{"@attributes":{"rel":"alternate","type":"text\/html","href":"https:\/\/samueloph.dev\/blog\/latest-nvidia-drivers-for-debian-packaged-with-ai\/"}},"id":"https:\/\/samueloph.dev\/blog\/latest-nvidia-drivers-for-debian-packaged-with-ai\/","content":" \"Two\nterminal\n
tl;dr<\/h4>\n
This is not an official package, it's good enough for me and it might be good\nenough for you, confirmed as working in Debian Testing but I don't have a\nStable machine to test there.<\/p>\n
You can use my custom repo to install the latest NVIDIA drivers on Debian\nStable, Testing or Unstable (install from Sid repository):<\/p>\n
https:\/\/deb.debusine.debian.net\/debian\/r-samueloph-nvidia-ai\/<\/a><\/p>\n
The page above contains the APT sources you need, just add the one for your\nrelease to \/etc\/apt\/sources.list.d\/r-samueloph-nvidia-ai.sources<\/code>, run sudo apt update<\/code> and install the packages, you might need to disable Secure Boot.<\/p>\n
This is not about AI<\/h1>\n
Discussions about AI are quite divisive in the Free Software communities, and\nthere's so much to be said about it that I'm not willing to go into in this\nblog post. This is rather just me telling people that if they need up-to-date\nNVIDIA packages for Debian, they could check if my custom repository gets the\njob done.<\/p>\n
The AI part is a means to an end, I've been careful to note in the repository\nnames that the packages were produced with AI to respect people who do not want\nto run it for any reason.<\/p>\n
RTX 5000 series support<\/h1>\n
Back in May 2025 I opened a bug\nreport<\/a> asking for\nthe NVIDIA drivers on Debian to be updated to support the RTX 5000 series. The\nNouveau drivers might be good enough for some people, but I need the NVIDIA\ndrivers because I want to play games and do experiments with open weight\nmodels.<\/p>\n
Opening a bug report doesn't guarantee anything, at the end of the day Debian\nDevelopers are volunteers, so if I really wanted the newer drivers, I would\nhave to do something about it, ideally submitting a merge request.<\/p>\n
I briefly looked into the NVIDIA packaging, which involves 3 source packages\n(and one extra git repo for tarballs), unfortunately this was going to take\nmore time and effort than what I was willing to spend.<\/p>\n
What I Did<\/h1>\n
After a few weeks of lamenting that I wasn't running the NVIDIA drivers, I\nfigured I was willing to put in more effort than I originally thought, just\nenough to instruct the Claude Code agent to package the latest releases. I'm\nskilled enough with agentic tools that I knew how to use it to save time;\nproviding a clear instruction on how to build the package and explaining the\npackaging layout, then letting the agent iterate until it gets a working build.\nThe agent was running inside a VM that didn't have any of my credentials.<\/p>\n
After a little bit of back and forth, where I was reviewing the changes guiding\nthe agent into how to fix certain issues, I ended up with a working set of\npackages.<\/p>\n
Once I installed it on my machine and confirmed they worked, I set up a\ndebusine<\/a> repository to make it easier to\ninstall future updates, and let others test it out.<\/p>\n
Debusine is analogous to Ubuntu's famous PPA, or Fedora's EPEL, it's a\nrelatively new project but it has been working fine for this.<\/p>\n
Matheus Polkorny helped me test the packages and did spot a few issues which\nare fixed now. The Debusine developers were also always quick to respond to my\nquestions and bug\nreports<\/a>.<\/p>\n
How Good Is It?<\/h1>\n
Short answer: good enough for daily use, but not a substitute for an official Debian package.<\/strong><\/p>\n
The whole point of doing this is because I don't have enough free time to\nmaintain the package myself. All of this work was done as a volunteer, on my\npersonal time.<\/p>\n
This means I'm trusting the agent to some degree; I review its commits but I\ndon't go too deep into it, the quality will be dictated by the fact that I'm\na Debian Developer and so by how easily I can spot issues without double checking\neverything.<\/p>\n
I only have a single machine with an NVIDIA GPU, this machine runs Debian\nTesting and so I don't have a way to test the Stable packages. I can do my best\nto address problems but at this point there is a risk that new updates break\nsomething.<\/p>\n
Installing NVIDIA drivers has always been a bit risky regardless, if you're\ncomfortable with reverting updates and handling a system without a graphical\ninterface (in case you end up in a tty), you will be fine.<\/p>\n
You will likely need to disable Secure Boot in order to use them, or set up your\nBIOS so that a MOK can be used to sign the DKMS modules.<\/p>\n
When choosing the version strings for the packages, I was careful enough to\npick something that would sort lower than an official Debian package, meaning\nthat whenever that same version is packaged in Debian, your system will see it\nas an upgrade.<\/p>\n
If you have any other methods of installing the NVIDIA drivers on your Debian\nsystem that is working for you, you should likely stick to that.<\/p>\n
I have a strong preference for installing them through .deb packages, making\nthe package sort out configuration changes and dependency updates, besides\nhandling the DKMS modules.<\/p>\n
Ultimately I'm not happy with the amount of difficulty that Debian users have in\ninstalling up-to-date NVIDIA drivers, and I hope this makes it easier for some.<\/p>\n
How To Install<\/h1>\n
Head over to the Debusine page that contains both repos for Trixie (Debian\nStable) and Sid (for Debian Testing and Unstable):<\/p>\n
https:\/\/deb.debusine.debian.net\/debian\/r-samueloph-nvidia-ai\/<\/a><\/p>\n
If you are running Debian Testing, then pick the Sid repository.<\/strong><\/p>\n
That page contains the contents of the apt .sources<\/code> file you need, create the\nfile \/etc\/apt\/sources.list.d\/r-samueloph-nvidia-ai.sources<\/code> with the sources for your release.<\/p>\n
Run sudo apt update<\/code> and install the packages you need, if you already have a\nprevious version installed, sudo apt upgrade --update<\/code> would update them.<\/p>\n
If there are no upgrades, meaning you don't have a previous version installed,\nthen you need to explicitly install them.<\/p>\n
sudo<\/span> apt install nvidia-open-kernel-dkms nvidia-driver<\/span><\/span><\/code><\/pre>\n
If you run into issues in Debian Stable, consider using the Linux kernel package\nfrom the backports repository, if you need an up-to-date NVIDIA driver, you\nlikely should also be running the backports kernel package (if you can't\nupgrade to Debian Testing).<\/p>\n
Future Plans<\/h1>\n
I currently have no means of measuring how many people are using the debusine\nrepositories, so if you do end up using it feel free to let me know somehow.<\/p>\n
I don't know for how long I will keep managing this repository, and how much\neffort I will spend, but my machine needs it and for now I will keep it\nup-to-date with the latest production-grade NVIDIA drivers.<\/p>\n
tl;dr<\/h4>\n
This is an experimental feature that, for the first time, brings full ECH\nsupport to curl on Debian using OpenSSL.<\/p>\n
Starting with curl 8.19.0-3+exp2<\/strong> (Debian Experimental), you can now use\nECH, with HTTPS-RR and DoH for maximum privacy.<\/p>\n
curl 8.19.0-3+exp2 is quite fresh at the time of writing, bear in mind that your\nrepository might not have synced the package yet, all mirrors should have it by\nMarch 27th 14:00 UTC.<\/p>\n
# defo.ie is a test server that confirms whether ECH was successfully used<\/span><\/span>\ncurl<\/span> -v --ech<\/span> hard https:\/\/defo.ie\/ech-check.php<\/span><\/span>\n# For Encrypted Client Hello (ECH) + DNS over HTTPS (DoH)<\/span><\/span>\ncurl<\/span> -v --ech<\/span> hard<\/span> --doh-url<\/span> https:\/\/1.1.1.1\/dns-query https:\/\/defo.ie\/ech-check.php<\/span><\/span><\/code><\/pre>\n
\"--ech hard\" tells curl to refuse the connection entirely if ECH cannot be negotiated.<\/em><\/p>\n
Or, if you would like to try it out in a container:<\/p>\n
podman<\/span> run debian:experimental \/bin\/bash<\/span> -c<\/span> '<\/span>apt install --update -t experimental -y curl && curl -v --ech hard --doh-url https:\/\/1.1.1.1\/dns-query https:\/\/defo.ie\/ech-check.php<\/span>'<\/span><\/span><\/code><\/pre>\n
(in case you haven't noticed, apt now has the --update<\/code> option for the\nupgrade<\/code> and install<\/code> commands)<\/em><\/p>\n
For Privacy<\/h1>\n
CloudFlare calls it \"the last puzzle piece to privacy\" in their must-read\nannouncement: https:\/\/blog.cloudflare.com\/announcing-encrypted-client-hello\/<\/a>.<\/p>\n
Encrypted Client Hello (rfc9849)<\/a> encrypts the\n\"which website are you connecting to?\" part of the TLS handshake that was\npreviously visible in plaintext.<\/p>\n
HTTPS-RR (rfc9460)<\/a> is a DNS record type that\npublishes connection parameters for a service, including the public key clients\nneed to perform ECH.<\/p>\n
DNS Over HTTPS (rfc8484)<\/a> encrypts DNS queries\nby tunneling them over HTTPS, hiding what domains you're looking up from\nnetwork observers.<\/p>\n
When all three operate together over a CDN with shared IP space, the target\ndomain name is hidden from passive observers; the HTTPS-RR record is queried\nover DoH in order to retrieve the ECH key\n(rfc9848)<\/a> for the TLS handshake.<\/p>\n
Seems like quite an important feature, and in fact the major browsers have it\nenabled for some time now, the trick is that they do not use OpenSSL (Chrome\nuses BoringSSL and Firefox uses NSS).<\/p>\n
For everyone else, the only option is to patch OpenSSL or wait until 4.0.0 is\nreleased, and so part of the reason Debian is the first distro to enable it\n(curl + OpenSSL + ECH) is that the OpenSSL maintainer (Sebastian Andrzej\nSiewior) packaged the alpha release just 3 days after it was published.<\/p>\n
Do not forget that ECH support is experimental and currently relies on the\nalpha release of OpenSSL.<\/p>\n
wcurl Gets It Too<\/h1>\n
Considering wcurl<\/a> is just a wrapper on curl, it gets\nthe feature for free:<\/p>\n
wcurl<\/span> --curl-options=<\/span>"<\/span>--ech hard --doh-url https:\/\/1.1.1.1\/dns-query<\/span>"<\/span> $URL<\/span><\/span><\/code><\/pre>\n
If you're using wcurl, you don't want to have to set parameters, this is just\nto show that the feature is there and if you have a .curlrc<\/code> file, it can\nenable the feature seamlessly.<\/p>\n
Other Debian Releases<\/h1>\n
Given the ECH feature requires OpenSSL >= 4, it will not make it to Debian 13,\nhaving a small chance of going to Debian 13 Backports (emphasis on small).<\/p>\n
It should get to Debian Unstable and Debian Testing within the next couple of\nmonths<\/strong> as the OpenSSL GA release happens and gets packaged, but you should be\nable to install the package from Experimental in your Unstable and Testing\nsystems without issues. It will also be in Debian 14 once it becomes the new Stable.<\/p>\n
Shoulders of Giants<\/h1>\n
Stephen Farrell's presentation from OpenSSL Conference 2025 has a lot of\nbackground on the work involved:<\/p>\n
Encrypted Client Hello \u2013 Lessons learned from trying to do something that was\nprobably too complicated<\/a><\/p>\n
They have been working on implementing ECH in open-source projects for years,\nsomething as big as this doesn't happen without lots of people dedicating both\ntheir paid and free times over it.<\/p>\n
I ended up being the person who enabled it on Debian, which was pretty much the\nleast amount of work between everyone involved, but hey it's fun flipping the\nswitch and telling you about it.<\/p>\n
Background<\/h1>\n
Since 2025, the curl developers started organizing an yearly meeting with all\nmaintainers of curl in Operating Systems. The 2026 edition happened in March\n26th:\nhttps:\/\/github.com\/curl\/curl\/wiki\/curl-distro-discussion-2026<\/a>.<\/p>\n
Attendance was really good, and as you can imagine one of the topics of\ndiscussion was ECH, in which it was pointed out that having OpenSSL 4 was\nthe main requirement but besides it nothing unusual was needed.<\/p>\n
In Debian Experimental, we have been enabling HTTPS-RR since March 2025, and\nOpenSSL 4.0.0 alpha was packaged just recently (2026-03-13) by Sebastian\nAndrzej Siewior, it's time for the next step.<\/p>\n
The curl distro meeting was just the motivation I needed to go ahead and\nenable it in Debian Experimental, so as part of our Debian Brasil Weekly\nMeetings I've prepared and uploaded the changes, while Carlos Henrique Lima\nMelara worked on addressing a recent test regression for Debian Unstable.\nUnfortunately sergiodj couldn't join and I'm sure he's jealous of the hacking\nsession now.<\/p>\n
Appendix<\/h1>\n
While writing this, I've noticed one of the authors of the CloudFlare blogpost\nis the previous curl maintainer on Debian; Alessandro Ghedini let me take over\nthe maintenance back in 2021 and today curl is maintained by a team of 4\npeople, it's nice to see Alessandro's involvement.<\/p>\n"},{"title":"Debian 13: My list of exciting new features","published":"2025-08-28T17:30:00+00:00","updated":"2025-08-28T17:30:00+00:00","author":{"name":"\n            \n              Unknown\n            \n          "},"link":{"@attributes":{"rel":"alternate","type":"text\/html","href":"https:\/\/samueloph.dev\/blog\/debian-13-my-list-of-exciting-new-features\/"}},"id":"https:\/\/samueloph.dev\/blog\/debian-13-my-list-of-exciting-new-features\/","content":" \"A\n
Beyond Debian: Useful for other distros too<\/h1>\n
Every two years Debian releases a new major version of its Stable series,\nmeaning the differences between consecutive Debian Stable releases represent\ntwo years of new developments both in Debian as an organization and its native\npackages, but also in all other packages which are also shipped by other\ndistributions (which are getting into this new Stable release).<\/p>\n
If you're not paying close attention to everything that's going on all the time\nin the Linux world, you miss a lot of the nice new features and tools. It's\ncommon for people to only realize there's a cool new trick available only years\nafter it was first introduced.<\/p>\n
Given these considerations, the tips that I'm describing will eventually be\navailable in whatever other distribution you use, be it because it's a Debian\nderivative or because it just got the same feature from the upstream project.<\/p>\n
I'm not going to list \"passive\" features (as good as they can be), the focus\nhere is on new features that might change how you configure and use your\nmachine, with a mix between productivity and performance.<\/p>\n
Debian 13 - Trixie<\/h1>\n
I have been a Debian Testing user for longer than 10 years now (and I recommend\nit for non-server users), so I'm not usually keeping track of all the cool\nfeatures arriving in the new Stable releases because I'm continuously receiving\nthem through the Debian Testing rolling release.<\/p>\n
Nonetheless, as a Debian Developer I'm in a good position to point out the ones\nI can remember. I would also like other Debian Developers to do the same as I'm\nsure I would learn something new.<\/p>\n
The Debian 13 release notes contain a \"What's new\" section\n<\/a>, which\nlists the first two items here and a few other things, in other words, take my\nlist as an addition to the release notes.<\/p>\n
Debian 13 was released on 2025-08-09, and these are nice things you shouldn't\nmiss in the new release, with a bonus one not tied to the Debian 13 release.<\/p>\n
1) wcurl<\/h2>\n \"wcurl\n
Have you ever had to download a file from your terminal using curl and didn't\nremember the parameters needed? I did.<\/p>\n
Nowadays you can use wcurl<\/code>; \"a command line tool which lets you download URLs\nwithout having to remember any parameters.\"<\/p>\n
Simply call wcurl<\/code> with one or more URLs as parameters and it will download\nall of them in parallel, performing retries, choosing the correct output file\nname, following redirects, and more.<\/p>\n
Try it out:<\/p>\n
wcurl<\/span> example.com<\/span><\/span><\/code><\/pre>\n
wcurl<\/code> comes installed as part of the curl package on Debian 13 and in any other\ndistribution you can imagine, starting with curl 8.14.0.<\/p>\n
2) HTTP\/3 support in curl<\/h2>\n
Debian has become the first stable Linux distribution to ship curl with support\nfor HTTP\/3. I've written about this in July\n2024<\/a>, when we\nfirst enabled it. Note that we first switched the curl CLI to GnuTLS, but then\nended up releasing the curl CLI linked with OpenSSL (as support arrived later).<\/p>\n
Debian was the first stable Linux distro to enable it, and within\nrolling-release-based distros; Gentoo enabled it first in their non-default\nflavor of the package and Arch Linux did it three months before we pushed it to\nDebian Unstable\/Testing\/Stable-backports, kudos to them!<\/p>\n
HTTP\/3 is not used by default by the curl CLI, you have to enable it with\n--http3<\/code> or --http3-only<\/code>.<\/p>\n
Try it out:<\/p>\n
curl<\/span> --http3<\/span> https:\/\/www.example.org<\/span><\/span>\ncurl<\/span> --http3-only<\/span> https:\/\/www.example.org<\/span><\/span><\/code><\/pre>
3) systemd soft-reboot<\/h2>\n
Starting with systemd v254, there's a new soft-reboot<\/code> option, it's an\nuserspace-only reboot, much faster than a full reboot if you don't need to\nreboot the kernel.<\/p>\n
You can read the announcement from the systemd v254 GitHub\nrelease<\/a><\/p>\n
Try it out:<\/p>\n
# This will reboot your machine!<\/span><\/span>\nsystemctl<\/span> soft-reboot<\/span><\/span><\/code><\/pre>
4) apt --update<\/h2>\n
Are you tired of being required to run sudo apt update<\/code> just before sudo apt upgrade<\/code> or sudo apt install $PACKAGE<\/code>? So am I!<\/p>\n
The new --update<\/code> option lets you do both things in a single command:<\/p>\n
sudo<\/span> apt<\/span> --update<\/span> upgrade<\/span><\/span>\nsudo<\/span> apt<\/span> --update<\/span> install<\/span> $PACKAGE<\/span><\/span><\/code><\/pre>\n
I love this, but it's still not yet where it should be, fingers crossed for a\nsimple apt upgrade<\/code> to behave like other package managers by updating its\ncache as part of the task, maybe in Debian 14?<\/p>\n
Try it out:<\/p>\n
sudo<\/span> apt upgrade<\/span> --update<\/span><\/span>\n# The order doesn't matter<\/span><\/span>\nsudo<\/span> apt<\/span> --update<\/span> upgrade<\/span><\/span><\/code><\/pre>\n
This is especially handy for container usage, where you have to update the apt\ncache before installing anything, for example:<\/p>\n
podman<\/span> run debian:stable bin\/bash<\/span> -c<\/span> '<\/span>apt install --update -y curl<\/span>'<\/span><\/span><\/code><\/pre>
5) powerline-go<\/h2>\n
powerline-go<\/code> is a powerline-style prompt written in Golang, so it's much more\nperformant than its Python alternative powerline<\/code>.<\/p>\n
powerline-style prompts are quite useful to show things like the current status\nof the git repo in your working directory, exit code of the previous command,\npresence of jobs in the background, whether or not you're in an ssh session,\nand more.<\/p>\n \"A\n
Try it out:<\/p>\n
sudo<\/span> apt install powerline-go<\/span><\/span><\/code><\/pre>\n
Then add this to your .bashrc<\/code>:<\/p>\n
function<\/span> _update_ps1<\/span>() {<\/span><\/span>\n    PS1<\/span>=<\/span>"$(<\/span>\/usr\/bin\/powerline-go<\/span> -error<\/span> $?<\/span> -jobs<\/span> $(<\/span>jobs<\/span> -p<\/span> |<\/span> wc<\/span> -l<\/span>))"<\/span><\/span>\n<\/span>\n    # Uncomment the following line to automatically clear errors after showing<\/span><\/span>\n    # them once. This not only clears the error for powerline-go, but also for<\/span><\/span>\n    # everything else you run in that shell. Don't enable this if you're not<\/span><\/span>\n    # sure this is what you want.<\/span><\/span>\n<\/span>\n    #set "?"<\/span><\/span>\n}<\/span><\/span>\n<\/span>\nif<\/span> [<\/span> "<\/span>$TERM<\/span>"<\/span> !=<\/span> "<\/span>linux<\/span>"<\/span> ]<\/span> &&<\/span> [<\/span> -f<\/span> "<\/span>\/usr\/bin\/powerline-go<\/span>"<\/span> ]<\/span>;<\/span> then<\/span><\/span>\n    PROMPT_COMMAND<\/span>=<\/span>"<\/span>_update_ps1; <\/span>$PROMPT_COMMAND<\/span>"<\/span><\/span>\nfi<\/span><\/span><\/code><\/pre>\n
Or this to .zshrc<\/code>:<\/p>\n
function<\/span> powerline_precmd<\/span>() {<\/span><\/span>\n    PS1<\/span>=<\/span>"$(<\/span>\/usr\/bin\/powerline-go<\/span> -error<\/span> $?<\/span> -jobs<\/span> ${${<\/span>(<\/span>%<\/span>)<\/span>:%<\/span>j<\/span>}<\/span>:-<\/span>0<\/span>})"<\/span><\/span>\n<\/span>\n    # Uncomment the following line to automatically clear errors after showing<\/span><\/span>\n    # them once. This not only clears the error for powerline-go, but also for<\/span><\/span>\n    # everything else you run in that shell. Don't enable this if you're not<\/span><\/span>\n    # sure this is what you want.<\/span><\/span>\n<\/span>\n    #set "?"<\/span><\/span>\n}<\/span><\/span><\/code><\/pre>\n
If you'd like to have your prompt start in a newline, like I have in the\nscreenshot above, you just need to set -newline<\/code> in the powerline-go\ninvocation in your .bashrc<\/code>\/.zshrc<\/code>.<\/p>\n
6) Gnome System Monitor Extension<\/h2>\n
Tips number 6 and 7 are for Gnome users.<\/p>\n
Gnome is now shipping a system monitor extension which lets you get a glance of\nthe current load of your machine from the top bar.<\/p>\n \"Screenshot\n
I've found this quite useful for machines where I'm required to install\nthird-party monitoring software that tends to randomly consume more resources\nthan it should. If I feel like my machine is struggling, I can quickly glance\nat its load to verify if it's getting overloaded by some process.<\/p>\n
The extension is not as complete as\nsystem-monitor-next<\/a>,\nnot showing temperatures or histograms, but at least it's officially part of\nGnome, easy to install and supported by them.<\/p>\n
Try it out:<\/p>\n
sudo<\/span> apt install gnome-system-monitor gnome-shell-extension-manager<\/span><\/span><\/code><\/pre>\n
And then enable the extension from the \"Extension Manager\" application.<\/p>\n
8) Lazygit<\/h2>\n
Emacs users are already familiar with the legendary magit<\/code>; a terminal-based\nUI for git.<\/p>\n
Lazygit is an alternative for non-emacs users, you can integrate it with neovim\nor just use it directly.<\/p>\n
I'm still playing with lazygit<\/code> and haven't integrated it into my workflows,\nbut so far it has been a pleasant experience.<\/p>\n \"Screenshot\n
You should check out the demos from the lazygit GitHub\npage<\/a>.<\/p>\n
Try it out:<\/p>\n
sudo<\/span> apt install lazygit<\/span><\/span><\/code><\/pre>\n
And then call lazygit<\/code> from within a git repository.<\/p>\n
9) neovim<\/h2>\n
neovim has been shipped in Debian since 2016, but upstream has been doing a lot of\nwork to improve the experience out-of-the-box in the last couple of years.<\/p>\n
If you're a neovim poweruser, you're likely not installing it from the official\nrepositories, but for those that are, Debian 13 comes with version 0.10.4,\nwhich brings the following improvements compared to the version in Debian 12:<\/p>\n
7) Gnome setting for battery charging profile<\/h2>\n
After having to learn more about batteries in order to get into FPV drones,\nI've come to have a bigger appreciation for solutions that minimize the\ninevitable loss of capacity that accrues over time.<\/p>\n
There's now a \"Battery Charging\" setting (under the \"Power\") section which lets\nyou choose between two different profiles: \"Maximize Charge\" and \"Preserve\nBattery Health\".<\/p>\n \"A\n
On supported laptops, this setting is an easy way to set thresholds for when\ncharging should start and stop, just like you could do it with the tlp<\/code> package,\nbut now from the Gnome settings.<\/p>\n
To increase the longevity of my laptop battery, I always keep it at \"Preserve\nBattery Health\" unless I'm traveling.<\/p>\n
What I would like to see next is support for choosing different \"Power Modes\"\nbased on whether the laptop is plugged-in, and based on the battery\ncharge percentage.<\/p>\n
There's a GNOME\nissue<\/a>\ntracking this feature, but there's some pushback on whether this is the right\nthing to expose to users.<\/p>\n
In the meantime, there are some workarounds mentioned in that issue which\npeople who really want this feature can follow.<\/p>\n
If you would like to learn more about batteries; Battery\nUniversity<\/a> is a great starting point, besides\ngetting into FPV drones and being forced to handle batteries without a Battery\nManagement System (BMS).<\/p>\n
And if by any chance this sparks your interest in FPV drones, Joshua Bardwell's\nYouTube channel is a great resource:\n@JoshuaBardwell<\/a>.<\/p>\n
I've written more about wcurl in its release\nannouncement<\/a>\nand I've done a lightning talk presentation in DebConf24, which is linked in\nthe release announcement.<\/p>\n
Sources<\/h1>\n
The sources of the packages are available under a namespace in Salsa (Debian's\nGitLab instance):<\/p>\n
https:\/\/salsa.debian.org\/samueloph-forks-team\/nvidia-drivers-forks-with-ai<\/a><\/p>\n
You can also get the exact sources used in the repositories from debusine:<\/p>\n
https:\/\/debusine.debian.net\/debian\/r-samueloph-nvidia-ai\/collection\/debian:suite\/sid-nvidia-ai\/search\/?category=debian:source-package<\/a><\/p>\n
https:\/\/debusine.debian.net\/debian\/r-samueloph-nvidia-ai\/collection\/debian:suite\/trixie-nvidia-ai\/search\/?category=debian:source-package<\/a><\/p>\n"},{"title":"I use curl with ECH btw (in Debian)","published":"2026-03-27T00:00:00+00:00","updated":"2026-03-27T00:00:00+00:00","author":{"name":"\n            \n              Unknown\n            \n          "},"link":{"@attributes":{"rel":"alternate","type":"text\/html","href":"https:\/\/samueloph.dev\/blog\/i-use-curl-with-ech-btw-in-debian\/"}},"id":"https:\/\/samueloph.dev\/blog\/i-use-curl-with-ech-btw-in-debian\/","content":"